Vulnerabilities > CVE-2012-1584 - Numeric Errors vulnerability in Scott Wheeler Taglib

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
scott-wheeler
CWE-189
nessus

Summary

Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-218.NASL
    descriptionSpecially crafted ogg files could crash taglib
    last seen2020-06-05
    modified2014-06-13
    plugin id74595
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74595
    titleopenSUSE Security Update : taglib (openSUSE-SU-2012:0490-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-4291.NASL
    descriptionNew upstream release, largely to address security issues related to ogg xiphcomments and ape sampleRate=0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-04-09
    plugin id58625
    published2012-04-09
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58625
    titleFedora 16 : taglib-1.7.1-1.fc16 (2012-4291)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_TAGLIB-8041.NASL
    descriptionThe following issue has been fixed : - Specially crafted ogg files could have crashed taglib
    last seen2020-06-05
    modified2012-06-15
    plugin id59524
    published2012-06-15
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59524
    titleSuSE 10 Security Update : taglib (ZYPP Patch Number 8041)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-4184.NASL
    descriptionNew upstream release, largely to address security issues related to ogg xiphcomments and ape sampleRate=0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-04-12
    plugin id58690
    published2012-04-12
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58690
    titleFedora 17 : taglib-1.7.1-1.fc17 (2012-4184)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201206-16.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201206-16 (TagLib: Multiple vulnerabilities) Multiple vulnerabilities have been found in TagLib: The
    last seen2020-06-01
    modified2020-06-02
    plugin id59669
    published2012-06-25
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/59669
    titleGLSA-201206-16 : TagLib: Multiple vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-4268.NASL
    descriptionNew upstream release, largely to address security issues related to ogg xiphcomments and ape sampleRate=0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-04-09
    plugin id58624
    published2012-04-09
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58624
    titleFedora 15 : taglib-1.7.1-1.fc15 (2012-4268)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_TAGLIB-120417.NASL
    descriptionThe following issue has been fixed : - specially crafted ogg files could have crashed taglib
    last seen2020-06-05
    modified2013-01-25
    plugin id64229
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64229
    titleSuSE 11.1 Security Update : taglib (SAT Patch Number 6179)